1. Field
The present disclosure relates generally to computing and information system policies. More particularly, the present disclosure relates to a global policy analyzer for analyzing a set of policies and informing an authoring process by identifying policy errors and other aspects of the set of policies.
2. Background
Virtually all information and data processing systems are managed and controlled by computing and information system policies. Different types of policies may include, for example, but without limitation, authorization policies, information assurance policies, quality management services (QMS) policies, access control policies, network security policies, and computer use policies.
For example, information assurance policies govern information protection and sharing. Quality management services policies control utilization of data processing system resources. Network management policies govern computing network design, deployment, and administration.
Policies may be extremely complex and include numerous policy rules, policy elements, and attribute configurations. Due to this potential complexity, the author of a policy may inadvertently introduce inconsistencies and errors into the specification of a policy. As used herein, the term “policy specification” refers to a high level design or description of one or more policies. As used herein, the term “policy code” refers to a codification of the policy specification, wherein the code may be stored in a storage medium and is executable by one or more processors.
In addition to the above issues, it may be frequently difficult, time consuming, impractical, or cost prohibitive for a user to diagnose problems in policies, correct errors in policies, and author valid policies. Accordingly, it would be advantageous to have a method and apparatus which takes into account one or more of the issues discussed above, as well as other potential issues not listed above.